System and method for protecting against dictionary attacks on password-protected TPM keys

Abstract

A computer system that may include a trusted platform module (TPM) along with a processor hashes a user-supplied password for a predetermined time period that is selected to render infeasible a dictionary attack on the password. The results of the hash are used to render an AES key, which is used to encrypt an RSA key. The encrypted RSA key along with the total number of hash cycles that were used is stored and the RSA key is provided to the TPM as a security key. In the event that the RSA key in the TPM must be recovered, the encrypted stored version is decrypted with an AES key that is generated based on the user inputting the same password and hashing the password for the stored number of cycles.

Description

I. FIELD OF THE INVENTION [0001] The present invention relates generally to securely storing backup encryption keys. II. BACKGROUND OF THE INVENTION [0002] Computer users wishing to implement a security solution are constantly faced with the tradeoff between convenience and security, because more security generally means more difficulty in using a system. A solution based on a Trusted Platform Module (TPM), or security chip, must contend with this tradeoff. [0003] In the case of a TPM, the most secure usage of keys generated for use with the TPM would involve generating the keys within the TPM chip, and not allowing the keys to migrate to other systems. While this offers security because the keys are useless to a hacker who might attempt to crack the keys for use on another system, it also requires that no backup copies of the keys can be kept. As understood herein, this has the inconvenient drawback that if the user's motherboard is replaced pursuant to, e.g., a hardware failure, t...

AI Technical Summary

Problems solved by technology

Computer users wishing to implement a security solution are constantly faced with the tradeoff between convenience and security, because more security generally means more difficulty in using a system.

While this offers security because the keys are useless to a hacker who might attempt to crack the keys for use on another system, it also requires that no backup copies of the keys can be kept.

As understood herein, this has the inconvenient drawback that if the user's motherboard is replaced pursuant to, e.g., a hardware failure, the keys are rendered worthless and new keys must be regenerated, a costly penalty to customers who have paid for digital certificates.

Also, any security credentials protected with the keys, such as stored passwords and encrypted files, would no longer be accessible.

Specifically, the presence of an administrator inconveniently is required for key restoration, and, if the master key is ever lost or compromised, the integrity of all keys in the environment likewise is compromised.

Alternatively using bare passwords to protect copies of the keys similarly is less than optimal, because passwords are susceptible to being defeated by dictionary attacks.

Images